Files

| File Path | Type | Category | Malicious |
|---|---|---|---|
| C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Docs.lnk | MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Thu Apr 25 18:54:54 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide | dropped | |
| C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Gmail.lnk | MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Thu Apr 25 18:54:54 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide | dropped | |
| C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Google Drive.lnk | MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Fri Oct 6 08:05:01 2023, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide | dropped | |
| C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Sheets.lnk | MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Thu Apr 25 18:54:54 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide | dropped | |
| C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Slides.lnk | MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Thu Apr 25 18:54:54 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide | dropped | |
| C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\YouTube.lnk | MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Thu Apr 25 18:54:54 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide | dropped | |
| C:\Users\user\Downloads\083a3e83-1032-4cf6-84cd-6cced6296e1c.tmp | Zip archive data, at least v4.5 to extract, compression method=deflate | dropped | |
| C:\Users\user\Downloads\Asana.msix (copy) | Zip archive data, at least v4.5 to extract, compression method=deflate | dropped | |
| C:\Users\user\Downloads\Unconfirmed 4063.crdownload | Zip archive data, at least v4.5 to extract, compression method=deflate | dropped | |
| Chrome Cache Entry: 169 | gzip compressed data, max compression, original size modulo 2^32 40461 | downloaded | |
| Chrome Cache Entry: 170 | JSON data | downloaded | |
| Chrome Cache Entry: 171 | ASCII text, with very long lines (17673) | downloaded | |
| Chrome Cache Entry: 172 | JSON data | dropped | |
| Chrome Cache Entry: 173 | JSON data | dropped | |
| Chrome Cache Entry: 174 | HTML document, ASCII text | dropped | |
| Chrome Cache Entry: 175 | RIFF (little-endian) data, Web/P image | downloaded | |
| Chrome Cache Entry: 176 | RIFF (little-endian) data, Web/P image | downloaded | |
| Chrome Cache Entry: 177 | gzip compressed data, max compression, original size modulo 2^32 1641 | downloaded | |
| Chrome Cache Entry: 178 | SVG Scalable Vector Graphics image | downloaded | |
| Chrome Cache Entry: 179 | PNG image data, 48 x 48, 8-bit/color RGBA, non-interlaced | downloaded | |
| Chrome Cache Entry: 180 | JSON data | downloaded | |
| Chrome Cache Entry: 181 | RIFF (little-endian) data, Web/P image, VP8 encoding, 560x373, Scaling: [none]x[none], YUV color, decoders should clamp | downloaded | |
| Chrome Cache Entry: 182 | ASCII text, with very long lines (2343) | downloaded | |
| Chrome Cache Entry: 183 | RIFF (little-endian) data, Web/P image | dropped | |
| Chrome Cache Entry: 184 | JSON data | downloaded | |
| Chrome Cache Entry: 185 | JSON data | downloaded | |
| Chrome Cache Entry: 186 | RIFF (little-endian) data, Web/P image | dropped | |
| Chrome Cache Entry: 187 | HTML document, ASCII text | downloaded | |
| Chrome Cache Entry: 188 | JSON data | dropped | |
| Chrome Cache Entry: 189 | RIFF (little-endian) data, Web/P image, VP8 encoding, 560x373, Scaling: [none]x[none], YUV color, decoders should clamp | dropped | |
| Chrome Cache Entry: 190 | RIFF (little-endian) data, Web/P image | dropped | |
| Chrome Cache Entry: 191 | JSON data | downloaded | |
| Chrome Cache Entry: 192 | PNG image data, 192 x 192, 8-bit/color RGBA, non-interlaced | downloaded | |
| Chrome Cache Entry: 193 | JSON data | dropped | |
| Chrome Cache Entry: 194 | ASCII text, with CRLF line terminators | downloaded | |
| Chrome Cache Entry: 195 | gzip compressed data, max compression, original size modulo 2^32 221 | downloaded | |
| Chrome Cache Entry: 196 | gzip compressed data, max compression, original size modulo 2^32 32214 | downloaded | |
| Chrome Cache Entry: 197 | RIFF (little-endian) data, Web/P image | dropped | |
| Chrome Cache Entry: 198 | JSON data | dropped | |
| Chrome Cache Entry: 199 | HTML document, ASCII text | dropped | |
| Chrome Cache Entry: 200 | gzip compressed data, max compression, original size modulo 2^32 104206 | downloaded | |
| Chrome Cache Entry: 201 | RIFF (little-endian) data, Web/P image | downloaded | |
| Chrome Cache Entry: 202 | RIFF (little-endian) data, Web/P image | dropped | |
| Chrome Cache Entry: 203 | JSON data | dropped | |
| Chrome Cache Entry: 204 | JSON data | dropped | |
| Chrome Cache Entry: 205 | JSON data | downloaded | |
| Chrome Cache Entry: 206 | ASCII text, with very long lines (1211) | downloaded | |
| Chrome Cache Entry: 207 | RIFF (little-endian) data, Web/P image | dropped | |
| Chrome Cache Entry: 208 | gzip compressed data, max compression, original size modulo 2^32 234400 | downloaded | |
| Chrome Cache Entry: 209 | JSON data | downloaded | |
| Chrome Cache Entry: 210 | gzip compressed data, max compression, original size modulo 2^32 19512 | downloaded | |
| Chrome Cache Entry: 211 | ASCII text, with very long lines (7711) | downloaded | |
| Chrome Cache Entry: 212 | RIFF (little-endian) data, Web/P image | downloaded | |
| Chrome Cache Entry: 213 | ASCII text, with no line terminators | downloaded | |
| Chrome Cache Entry: 214 | gzip compressed data, max compression, original size modulo 2^32 7386 | downloaded | |
| Chrome Cache Entry: 215 | gzip compressed data, max compression, original size modulo 2^32 34464 | downloaded | |
| Chrome Cache Entry: 216 | JSON data | dropped | |
| Chrome Cache Entry: 217 | RIFF (little-endian) data, Web/P image | downloaded | |
| Chrome Cache Entry: 218 | gzip compressed data, max compression, original size modulo 2^32 17631 | downloaded | |
| Chrome Cache Entry: 219 | ASCII text, with very long lines (1572) | downloaded | |
| Chrome Cache Entry: 220 | gzip compressed data, max compression, original size modulo 2^32 18722 | downloaded | |
| Chrome Cache Entry: 221 | gzip compressed data, max compression, original size modulo 2^32 387 | downloaded | |
| Chrome Cache Entry: 222 | gzip compressed data, max compression, original size modulo 2^32 40839 | downloaded | |
| Chrome Cache Entry: 223 | gzip compressed data, max compression, original size modulo 2^32 60953 | downloaded | |
| Chrome Cache Entry: 224 | gzip compressed data, max compression, original size modulo 2^32 12258 | downloaded | |
| Chrome Cache Entry: 225 | gzip compressed data, max compression, original size modulo 2^32 96769 | downloaded | |
| Chrome Cache Entry: 226 | SVG Scalable Vector Graphics image | dropped | |
| Chrome Cache Entry: 227 | RIFF (little-endian) data, Web/P image | dropped | |
| Chrome Cache Entry: 228 | JSON data | downloaded | |
| Chrome Cache Entry: 229 | gzip compressed data, max compression, original size modulo 2^32 36664 | downloaded | |
| Chrome Cache Entry: 230 | Web Open Font Format, TrueType, length 56800, version 1.0 | downloaded | |
| Chrome Cache Entry: 231 | JSON data | downloaded | |
| Chrome Cache Entry: 232 | ASCII text | downloaded | |
| Chrome Cache Entry: 233 | ASCII text, with very long lines (1534), with no line terminators | downloaded | |
| Chrome Cache Entry: 234 | ASCII text, with very long lines (4300) | downloaded | |
| Chrome Cache Entry: 235 | gzip compressed data, max compression, original size modulo 2^32 108226 | downloaded | |
| Chrome Cache Entry: 236 | RIFF (little-endian) data, Web/P image, VP8 encoding, 560x373, Scaling: [none]x[none], YUV color, decoders should clamp | downloaded | |
| Chrome Cache Entry: 237 | RIFF (little-endian) data, Web/P image, VP8 encoding, 560x373, Scaling: [none]x[none], YUV color, decoders should clamp | dropped | |
| Chrome Cache Entry: 238 | Web Open Font Format (Version 2), TrueType, length 14892, version 1.0 | downloaded | |
| Chrome Cache Entry: 239 | RIFF (little-endian) data, Web/P image | dropped | |
| Chrome Cache Entry: 240 | gzip compressed data, max compression, original size modulo 2^32 25095 | downloaded | |
| Chrome Cache Entry: 241 | JSON data | downloaded | |
| Chrome Cache Entry: 242 | JSON data | downloaded | |
| Chrome Cache Entry: 243 | RIFF (little-endian) data, Web/P image | downloaded | |
| Chrome Cache Entry: 244 | gzip compressed data, max compression, original size modulo 2^32 29354 | downloaded | |
| Chrome Cache Entry: 245 | gzip compressed data, max compression, original size modulo 2^32 29953 | downloaded | |
| Chrome Cache Entry: 246 | Web Open Font Format (Version 2), TrueType, length 15344, version 1.0 | downloaded | |
| Chrome Cache Entry: 247 | SVG Scalable Vector Graphics image | dropped | |
| Chrome Cache Entry: 248 | JSON data | dropped | |
| Chrome Cache Entry: 249 | Web Open Font Format (Version 2), TrueType, length 128352, version 1.0 | downloaded | |
| Chrome Cache Entry: 250 | gzip compressed data, max compression, original size modulo 2^32 31624 | downloaded | |
| Chrome Cache Entry: 251 | Web Open Font Format (Version 2), TrueType, length 14780, version 1.0 | downloaded | |
| Chrome Cache Entry: 252 | JSON data | dropped | |
| Chrome Cache Entry: 253 | gzip compressed data, max compression, original size modulo 2^32 11572 | downloaded | |
| Chrome Cache Entry: 254 | gzip compressed data, max compression, original size modulo 2^32 266366 | downloaded | |
| Chrome Cache Entry: 255 | gzip compressed data, max compression, original size modulo 2^32 95561 | downloaded | |
| Chrome Cache Entry: 256 | JSON data | dropped | |
| Chrome Cache Entry: 257 | JSON data | dropped | |
| Chrome Cache Entry: 258 | gzip compressed data, max compression, original size modulo 2^32 328 | downloaded | |
| Chrome Cache Entry: 259 | JSON data | dropped | |
| Chrome Cache Entry: 260 | RIFF (little-endian) data, Web/P image | dropped | |
| Chrome Cache Entry: 261 | RIFF (little-endian) data, Web/P image | downloaded | |
| Chrome Cache Entry: 262 | RIFF (little-endian) data, Web/P image, VP8 encoding, 560x373, Scaling: [none]x[none], YUV color, decoders should clamp | dropped | |
| Chrome Cache Entry: 263 | RIFF (little-endian) data, Web/P image | downloaded | |
| Chrome Cache Entry: 264 | JSON data | downloaded | |
| Chrome Cache Entry: 265 | gzip compressed data, max compression, original size modulo 2^32 39450 | downloaded | |
| Chrome Cache Entry: 266 | PNG image data, 192 x 192, 8-bit/color RGBA, non-interlaced | dropped | |
| Chrome Cache Entry: 267 | ASCII text, with very long lines (631) | downloaded | |
| Chrome Cache Entry: 268 | Web Open Font Format, TrueType, length 55956, version 1.0 | downloaded | |
| Chrome Cache Entry: 269 | JSON data | downloaded | |
| Chrome Cache Entry: 270 | gzip compressed data, max compression, original size modulo 2^32 37014 | downloaded | |
| Chrome Cache Entry: 271 | ASCII text, with no line terminators | downloaded | |
| Chrome Cache Entry: 272 | gzip compressed data, max compression, original size modulo 2^32 24753 | downloaded | |
| Chrome Cache Entry: 273 | ASCII text, with CRLF line terminators | downloaded | |
| Chrome Cache Entry: 274 | PNG image data, 48 x 48, 8-bit/color RGBA, non-interlaced | dropped | |
| Chrome Cache Entry: 275 | JSON data | downloaded | |
| Chrome Cache Entry: 276 | gzip compressed data, max compression, original size modulo 2^32 66947 | downloaded | |
| Chrome Cache Entry: 277 | gzip compressed data, max compression, original size modulo 2^32 116978 | downloaded | |
| Chrome Cache Entry: 278 | RIFF (little-endian) data, Web/P image, VP8 encoding, 560x373, Scaling: [none]x[none], YUV color, decoders should clamp | dropped | |
| Chrome Cache Entry: 279 | gzip compressed data, max compression, original size modulo 2^32 21995 | downloaded | |
| Chrome Cache Entry: 280 | MS Windows icon resource - 1 icon, 100x100, 32 bits/pixel | downloaded | |
| Chrome Cache Entry: 281 | Zip archive data, at least v4.5 to extract, compression method=deflate | downloaded | |
| Chrome Cache Entry: 282 | RIFF (little-endian) data, Web/P image | dropped | |
| Chrome Cache Entry: 283 | JSON data | dropped | |
| Chrome Cache Entry: 284 | gzip compressed data, max compression, original size modulo 2^32 15091 | downloaded | |
| Chrome Cache Entry: 285 | gzip compressed data, max compression, original size modulo 2^32 21624 | downloaded | |
| Chrome Cache Entry: 286 | HTML document, Unicode text, UTF-8 text, with very long lines (2508) | downloaded | |
| Chrome Cache Entry: 287 | RIFF (little-endian) data, Web/P image | downloaded | |
| Chrome Cache Entry: 288 | gzip compressed data, max compression, original size modulo 2^32 12133 | downloaded | |
| Chrome Cache Entry: 289 | JSON data | downloaded | |
| Chrome Cache Entry: 290 | RIFF (little-endian) data, Web/P image | downloaded | |
| Chrome Cache Entry: 291 | RIFF (little-endian) data, Web/P image | downloaded | |
| Chrome Cache Entry: 292 | JSON data | downloaded | |
| Chrome Cache Entry: 293 | SVG Scalable Vector Graphics image | downloaded | |
| Chrome Cache Entry: 294 | JSON data | dropped | |
| Chrome Cache Entry: 295 | Web Open Font Format (Version 2), TrueType, length 14824, version 1.0 | downloaded | |
| Chrome Cache Entry: 296 | JSON data | downloaded | |
| Chrome Cache Entry: 297 | JSON data | downloaded | |
| Chrome Cache Entry: 298 | JSON data | downloaded | |
| Chrome Cache Entry: 299 | gzip compressed data, max compression, original size modulo 2^32 33369 | downloaded | |
| Chrome Cache Entry: 300 | gzip compressed data, max compression, original size modulo 2^32 23892 | downloaded | |
| Chrome Cache Entry: 301 | JSON data | downloaded | |
| Chrome Cache Entry: 302 | gzip compressed data, max compression, original size modulo 2^32 221 | dropped | |
| Chrome Cache Entry: 303 | Web Open Font Format (Version 2), TrueType, length 14712, version 1.0 | downloaded | |
| Chrome Cache Entry: 304 | ASCII text, with very long lines (588) | downloaded | |
| Chrome Cache Entry: 305 | gzip compressed data, max compression, original size modulo 2^32 27594 | downloaded | |
| Chrome Cache Entry: 306 | gzip compressed data, max compression, original size modulo 2^32 20294 | downloaded | |
| Chrome Cache Entry: 307 | JSON data | dropped | |
| Chrome Cache Entry: 308 | ASCII text, with very long lines (631) | downloaded | |
| Chrome Cache Entry: 309 | ASCII text, with very long lines (21769) | downloaded | |
| Chrome Cache Entry: 310 | gzip compressed data, max compression, original size modulo 2^32 435 | downloaded | |
| Chrome Cache Entry: 311 | Web Open Font Format (Version 2), TrueType, length 21324, version 1.0 | downloaded | |
| Chrome Cache Entry: 312 | JSON data | dropped | |
| Chrome Cache Entry: 313 | ASCII text, with very long lines (512) | downloaded | |
| Chrome Cache Entry: 314 | gzip compressed data, max compression, original size modulo 2^32 76567 | downloaded | |
| Chrome Cache Entry: 315 | RIFF (little-endian) data, Web/P image, VP8 encoding, 560x373, Scaling: [none]x[none], YUV color, decoders should clamp | downloaded | |
| Chrome Cache Entry: 316 | MS Windows icon resource - 1 icon, 100x100, 32 bits/pixel | dropped | |
| Chrome Cache Entry: 317 | JSON data | downloaded | |
| Chrome Cache Entry: 318 | gzip compressed data, max compression, original size modulo 2^32 5751805 | downloaded | |
| Chrome Cache Entry: 319 | RIFF (little-endian) data, Web/P image | dropped | |
| Chrome Cache Entry: 320 | Web Open Font Format (Version 2), TrueType, length 15552, version 1.0 | downloaded | |
| Chrome Cache Entry: 321 | gzip compressed data, max compression, original size modulo 2^32 19738 | downloaded | |
| Chrome Cache Entry: 322 | ASCII text, with very long lines (7711) | downloaded | |
| Chrome Cache Entry: 323 | JSON data | dropped | |
| Chrome Cache Entry: 324 | JSON data | dropped | |
| Chrome Cache Entry: 325 | RIFF (little-endian) data, Web/P image | downloaded | |
| Chrome Cache Entry: 326 | JSON data | dropped | |
| Chrome Cache Entry: 327 | RIFF (little-endian) data, Web/P image | dropped | |
| Chrome Cache Entry: 328 | SVG Scalable Vector Graphics image | dropped | |
| Chrome Cache Entry: 329 | gzip compressed data, max compression, original size modulo 2^32 1585 | downloaded | |
| Chrome Cache Entry: 330 | RIFF (little-endian) data, Web/P image, VP8 encoding, 560x373, Scaling: [none]x[none], YUV color, decoders should clamp | downloaded | |
| Chrome Cache Entry: 331 | JSON data | dropped | |
| Chrome Cache Entry: 332 | SVG Scalable Vector Graphics image | downloaded | |
| Chrome Cache Entry: 333 | gzip compressed data, max compression, original size modulo 2^32 22620 | downloaded | |
| Chrome Cache Entry: 334 | ASCII text, with very long lines (56412), with no line terminators | downloaded | |
| Chrome Cache Entry: 335 | gzip compressed data, max compression, original size modulo 2^32 38426 | downloaded | |
| Chrome Cache Entry: 336 | JSON data | downloaded | |
| Chrome Cache Entry: 337 | gzip compressed data, max compression, original size modulo 2^32 595874 | downloaded | |
| Chrome Cache Entry: 338 | RIFF (little-endian) data, Web/P image, VP8 encoding, 560x373, Scaling: [none]x[none], YUV color, decoders should clamp | dropped | |
| Chrome Cache Entry: 339 | gzip compressed data, max compression, original size modulo 2^32 26061 | downloaded | |
| Chrome Cache Entry: 340 | RIFF (little-endian) data, Web/P image, VP8 encoding, 560x373, Scaling: [none]x[none], YUV color, decoders should clamp | downloaded | |
| Chrome Cache Entry: 341 | gzip compressed data, max compression, original size modulo 2^32 19726 | downloaded | |
| Chrome Cache Entry: 342 | JSON data | dropped | |
| Chrome Cache Entry: 343 | JSON data | downloaded | |
| Chrome Cache Entry: 344 | gzip compressed data, max compression, original size modulo 2^32 8720 | downloaded | |
| Chrome Cache Entry: 345 | gzip compressed data, max compression, original size modulo 2^32 28767 | downloaded | |
| Chrome Cache Entry: 346 | ASCII text, with very long lines (1538), with no line terminators | downloaded | |
| Chrome Cache Entry: 347 | JSON data | dropped | |
| Chrome Cache Entry: 348 | JSON data | dropped | |
| Chrome Cache Entry: 349 | JSON data | downloaded | |
| Chrome Cache Entry: 350 | gzip compressed data, max compression, original size modulo 2^32 23811 | downloaded | |
Processes

| Path | Cmdline | Malicious |
|---|---|---|
| C:\Program Files\Google\Chrome\Application\chrome.exe | "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized --single-argument http://asana.wf/ | |
| C:\Program Files\Google\Chrome\Application\chrome.exe | "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2160 --field-trial-handle=1936,i,14722219438862826777,18196455829393117014,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8 | |
URLs

| Name | IP | Malicious |
|---|---|---|
| http://asana.wf | | |
| https://rdap.arin.net/registry/entity/KAYAA1-ARIN | unknown | |
| http://geo.netsupportsoftware.com/location/loca.asp | unknown | |
| https://www.virustotal.com/gui/vt-ui-sw-installer.c228b2b19bd8517cfe55.js | 74.125.34.46 | |
| https://cdn40.click/9e4e27b7-bcfb-4298-bf8f-2cf4a6bdb3bf-9b6b40d6-3f8e-4755-9063-562658ebdb95 | 23.133.88.190 | |
| https://www.virustotal.com/gui/19739.d25d76e348ff4042df61.js | 74.125.34.46 | |
| https://www.virustotal.com/ui/ip_addresses/104.18.20.226 | unknown | |
| https://github.com/MBCProject/mbc-markdown/blob/main/micro-behaviors/process/README.md | unknown | |
| https://rdap.arin.net/registry/ip/3.0.0.0 | unknown | |
| https://www.virustotal.com/gui/ | | |
| https://ampcid.google.com/v1/publisher:getClientId | unknown | |
| about:blank | | |
| https://d30y9cdsu7xlg0.cloudfront.net/png/29715-200.png | unknown | |
| https://www.virustotal.com/ui/ip_addresses/239.255.255.250 | unknown | |
| https://registrar.amazon.com | unknown | |
| https://icann.org/epp#serverDeleteProhibited | unknown | |
| https://cdn40.click/files/Asana.msix | 23.133.88.190 | |
| https://www.virustotal.com/ui/files/76f98321f50595725f64f058d8f33103d518c5d77680fd7d5521c41786299358/contacted_urls | 74.125.34.46 | |
| https://www.virustotal.com/gui/63334.fa0abcaaac3e415ca2c7.js | 74.125.34.46 | |
| https://attack.mitre.org/techniques/T1064/ | unknown | |
| https://support.google.com/recaptcha/#6175971 | unknown | |
| https://www.gstatic.c..?/recaptcha/releases/V6_85qpc2Xf2sbe3xTnRte7m/recaptcha__. | unknown | |
| https://github.com/MBCProject/mbc-markdown/blob/main/anti-behavioral-analysis/debugger-evasion.md#me | unknown | |
| http://www.iana.org/assignments/multicast-addresses | unknown | |
| https://support.google.com/recaptcha | unknown | |
| https://www.virustotal.com/gui/search/f76954b68cc390f8009f1a052283a740 | unknown | |
| https://www.virustotal.com/go/utm/be91ae163b0b70204e9a73cc5d0590fe87d4c8f6a5b1073b6e4141916d373d8859 | unknown | |
| https://www.google.com/complete/search?client=chrome-omni&gs_ri=chrome-ext-ansg&xssi=t&q=virustotal.com&oit=3&cp=14&pgcl=4&gs_rn=42&psi=3aV4RE0JYE4q_43B&sugkey=AIzaSyBOti4mM-6x9WDnZIjIeyEU21OpBXqWBgw | 64.233.185.105 | |
| https://rdap.arin.net/registry/entity/RNO29-ARIN | unknown | |
| https://www.virustotal.com/ui/user_notifications | 74.125.34.46 | |
| https://www.virustotal.com/ui/files/76f98321f50595725f64f058d8f33103d518c5d77680fd7d5521c41786299358/pe_resource_children | 74.125.34.46 | |
| https://www.virustotal.com/ui/files/76f98321f50595725f64f058d8f33103d518c5d77680fd7d5521c41786299358/behaviour_mitre_trees | 74.125.34.46 | |
| https://www.virustotal.com/gui/stackdriver-errors.b289406877fe6574d5ac.js | 74.125.34.46 | |
| https://www.google.com/complete/search?client=chrome-omni&gs_ri=chrome-ext-ansg&xssi=t&q=viru&oit=1&cp=4&pgcl=4&gs_rn=42&psi=3aV4RE0JYE4q_43B&sugkey=AIzaSyBOti4mM-6x9WDnZIjIeyEU21OpBXqWBgw | 64.233.185.105 | |
| https://www.virustotal.com/gui/6829.6c727ee07d052c60889f.js | 74.125.34.46 | |
| https://www.virustotal.com/gui/36619.68cafafc7df311d6c6b7.js | 74.125.34.46 | |
| https://rdap.arin.net/registry/entity/APNIC | unknown | |
| https://www.snort.org/downloads/#rule-downloads | unknown | |
| https://rdap.arin.net/registry/entity/NOC11962-ARIN | unknown | |
| https://www.virustotal.com/gui/86082.7555cf018c5a216147a4.js | 74.125.34.46 | |
| https://www.virustotal.com/ui/files/76f98321f50595725f64f058d8f33103d518c5d77680fd7d5521c41786299358/behaviours?limit=40 | 74.125.34.46 | |
| https://github.com/MBCProject/mbc-markdown/blob/main/micro-behaviors/communication/wininet.md | unknown | |
| https://github.com/MBCProject/mbc-markdown/blob/main/anti-behavioral-analysis/README.md | unknown | |
| https://www.virustotal.com/gui/74552.2e8192dc6c15c665f808.js | 74.125.34.46 | |
| https://notepad-plus-plus.org/ | unknown | |
| https://www.virustotal.com/gui/87027.b53dee6a7718580c76f9.js | 74.125.34.46 | |
| https://github.com/MBCProject/mbc-markdown/blob/main/discovery/README.md | unknown | |
| https://rdap.arin.net/registry/entity/IPROU3-ARIN | unknown | |
| https://asana.wf/img/logo-ratio-40pxheight-Dell.svg | 94.131.101.65 | |
| http://r3.o.lencr.org | unknown | |
| https://github.com/MBCProject/mbc-markdown/blob/main/persistence/README.md | unknown | |
| https://asana.wf/img/HOME24-web-hero-IDC-2x-en-US.webp | 94.131.101.65 | |
| https://www.brighttalk.com/webcast/18282/592177?utm_source=VirusTotal&utm_medium=email&utm_campaign= | unknown | |
| https://attack.mitre.org/techniques/T1562/001/ | unknown | |
| https://github.com/markedjs/marked. | unknown | |
| https://cloud.google.com/terms/service-terms | unknown | |
| https://icann.org/epp#clientdeleteprohibited | unknown | |
| https://cloud.google.com/contact | unknown | |
| https://www.youtube.com/embed | unknown | |
| https://www.virustotal.com/gui/53486.ad811c674149540522ec.js | 74.125.34.46 | |
| https://asana.com/ | unknown | |
| https://attack.mitre.org/techniques/T1498/)) | unknown | |
| https://www.virustotal.com/ui/ip_addresses/224.0.0.251 | unknown | |
| https://attack.mitre.org/techniques/T1056/ | unknown | |
| https://www.virustotal.com/ui/ip_addresses/15.197.167.90 | unknown | |
| https://icann.org/epp#clienttransferprohibited | unknown | |
| https://www.virustotal.com/ui/domains/geo.netsupportsoftware.com | unknown | |
| https://www.virustotal.com/ui/files/312bd304860f9865ed4073f5baffde8df9907a1ebfedd2d1d637ab48db3ca004 | unknown | |
| https://www.virustotal.com/gui/static/opensearch.xml | 74.125.34.46 | |
| https://www.virustotal.com/ui/ip_addresses/3.33.186.135 | unknown | |
| https://icann.org/epp#serverupdateprohibited | unknown | |
| http://wq.apnic.net/apnic-bin/whois.pl | unknown | |
| https://attack.mitre.org/techniques/T1033/ | unknown | |
| https://cloud.google.com/recaptcha-enterprise/billing-information | unknown | |
| https://icann.org/epp#serverTransferProhibited | unknown | |
| https://www.virustotal.com/gui/73581.c40f4c346950a7606c39.js | 74.125.34.46 | |
| https://github.com/MBCProject/mbc-markdown/blob/main/defense-evasion/hidden-files-and-directories.md | unknown | |
| https://www.google.com/complete/search?client=chrome-omni&gs_ri=chrome-ext-ansg&xssi=t&q=virust&oit=1&cp=6&pgcl=4&gs_rn=42&psi=3aV4RE0JYE4q_43B&sugkey=AIzaSyBOti4mM-6x9WDnZIjIeyEU21OpBXqWBgw | 64.233.185.105 | |
| https://www.virustotal.com/ui/ip_addresses/172.67.68.212 | unknown | |
| https://www.virustotal.com/ui/files/76f98321f50595725f64f058d8f33103d518c5d77680fd7d5521c41786299358/votes?relationships=item%2Cvoter | 74.125.34.46 | |
| https://www.virustotal.com/gui/34386.8514664b2d3faf72fdd8.js | 74.125.34.46 | |
| https://rdap.arin.net/registry/entity/AEA8-ARIN | unknown | |
| https://www.spamhaus.org/statistics/tlds/ | unknown | |
| https://developers.google.com/recaptcha/docs/faq#are-there-any-qps-or-daily-limits-on-my-use-of-reca | unknown | |
| https://www.virustotal.com/gui/45518.056c1f55be49c167cf84.js | 74.125.34.46 | |
| http://registrar.amazon.com | unknown | |
| https://www.virustotal.com/gui/9234.4895d7a797c4dbf3a58b.js | 74.125.34.46 | |
| https://www.virustotal.com/gui/file/76f98321f50595725f64f058d8f33103d518c5d77680fd7d5521c41786299358?nocache=1 | | |
| https://www.virustotal.com/ui/user_notifications/2023020217 | unknown | |
| https://attack.mitre.org/techniques/T1059/ | unknown | |
| https://attack.mitre.org/techniques/T1059) | unknown | |
| https://icann.org/epp#serverdeleteprohibited | unknown | |
| https://attack.mitre.org/techniques/T1499/)) | unknown | |
| https://www.virustotal.com/ui/ip_addresses/104.18.21.226 | unknown | |
| https://asana.wf/assets/svg/icons.svg | 94.131.101.65 | |
| https://www.virustotal.com/gui/images/favicon.svg | 74.125.34.46 | |
| https://dialogflow.cloud.google.com/v1/cx/locations/ | unknown | |
| https://www.virustotal.com/ui/user_notifications/20230315-use-vt-api-like-a-pro-webinar | unknown | |
| https://www.virustotal.com/gui/76491.7dc0284cb3a5a45a07f9.js | 74.125.34.46 | |
| https://attack.mitre.org/tactics/TA0004/ | unknown | |
| https://www.virustotal.com/ui/ip_addresses/23.133.88.190 | unknown | |
Domains

| Name | IP | Malicious |
|---|---|---|
| ghs-svc-https-c46.ghs-ssl.googlehosted.com | 74.125.34.46 | |
| asana.wf | 94.131.101.65 | |
| cdn40.click | 23.133.88.190 | |
| virustotal.com | 216.239.36.21 | |
| www.recaptcha.net | 173.194.219.94 | |
| api.ipify.org | 104.26.12.205 | |
| www.google.com | 64.233.185.105 | |
| recaptcha.net | 64.233.176.94 | |
| www.virustotal.com | unknown | |
IPs

| IP | Domain | Country | Malicious |
|---|---|---|---|
| 192.168.2.16 | unknown | unknown | |
| 173.194.219.94 | www.recaptcha.net | United States | |
| 74.125.34.46 | ghs-svc-https-c46.ghs-ssl.googlehosted.com | United States | |
| 216.239.36.21 | virustotal.com | United States | |
| 104.26.13.205 | unknown | United States | |
| 23.133.88.190 | cdn40.click | Reserved | |
| 104.26.12.205 | api.ipify.org | United States | |
| 94.131.101.65 | asana.wf | Ukraine | |
| 239.255.255.250 | unknown | Reserved | |
| 64.233.185.105 | www.google.com | United States | |
| 108.177.122.104 | unknown | United States | |
DOM / HTML

| URL | Malicious |
|---|---|
| https://asana.wf/ | |
| https://www.virustotal.com/gui/ | |
| https://www.virustotal.com/gui/home/upload | |
| about:blank | |
| https://recaptcha.net/recaptcha/api2/anchor?ar=1&k=6Ldjgd0kAAAAAITm7ipWF7o7kPL_81SaSfdINiOc&co=aHR0cHM6Ly93d3cudmlydXN0b3RhbC5jb206NDQz&hl=en&v=V6_85qpc2Xf2sbe3xTnRte7m&size=invisible&cb=7i4v2m4h9i6y | |
| https://www.virustotal.com/gui/file/76f98321f50595725f64f058d8f33103d518c5d77680fd7d5521c41786299358 | |
| https://www.virustotal.com/gui/file-analysis/MjgyZGEwMjA3OThhZmJkN2VmZjQwY2U4NTRlOGQwMWY6MTcxNDA3NDkzNg== | |
| https://www.virustotal.com/gui/file/76f98321f50595725f64f058d8f33103d518c5d77680fd7d5521c41786299358?nocache=1 | |